add attribute with radsecproxy => wrong value at freeradius

Alan DeKok aland at deployingradius.com
Tue Jun 6 16:14:54 CEST 2017


> On Jun 6, 2017, at 10:08 AM, Michael Baye <excelsio at gmx.com> wrote:
> 
>   Hello,
>   - within radsecproxy.conf you can add simple rewrite rules with
>   "addVendorAttribute <vendor>:<attribute>:<value>"
>   with all numerical values just like with the other attribute
>   configuration options.
>   e.g.:
>   rewrite miktest {
>           addVendorAttribute 14988:27:2000
>           addVendorAttribute 14988:26:0
>   }

  I suggest reading the radsecproxy documentation to see how to add integer / octets attributes.

  i.e. there is nothing in the above which says what data type is being used.

>   - When I radtest with a client, I get:
>   Received Access-Accept
>   :
>   Mikrotik_Wireless_VLANIDtype = 842018864
>   Attr-26.14988.26 = 0x30

  Note "842018864" == 0x32303030, or "2000" in ASCII.

  The same goes for 0x30, which is "0".

  radsecproxy is clearly treating the values as strings, and not as integers.

>   => So, the number 2000 is transformed into 842018864 and 0 is
>   transformed into 0x30.
>   => My question is: Why is it transformed and how can I stop this?

  Ask the radsecproxy people how their software works.

  And read the radsecproxy documentation to see how to configure it.

>   Looking at /usr/share/freeradius/dictionary.mikrotik:
>   ATTRIBUTE       Mikrotik_Wireless_VLANID                26      integer
>   ATTRIBUTE       Mikrotik_Wireless_VLANIDtype            27      integer

  No amount of poking FreeRADIUS will fix the problem.

  Alan DeKok.




More information about the Freeradius-Users mailing list